Expand description
§Credential Exchange Format (CXF)
This crate contains type definitions for the FIDO Alliance’s credential exchange format specification. It’s targeting the Review Draft, March 13, 2025 revision.
The Credential Exchange Format defines standardized data structures and format of credentials that can be exchanged between two applications.
For more information about the credential exchange protocol, please read the Bitwarden blog post or the Fido Alliance announcement.
§Disclaimer
This library does not automatically clear sensitive values from memory. It is heavily encouraged to use it alongside a zeroizing global allocator like
zeroizing-alloc. We may be open to pull requests that adds nativezeroizesupport depending on the developer ergonomics.
This library is still in early development and as the specification evolves so will this library.
§Usage
use credential_exchange_format::Account;
fn import(data: &str) {
let account: Result<Account, _> = serde_json::from_str(&data);
}
fn export() -> Result<String, serde_json::Error> {
let account: Account = Account {
id: vec![1,2,3,4].as_slice().into(),
username: "".to_owned(),
email: "".to_owned(),
full_name: None,
collections: vec![],
items: vec![],
extensions: None,
};
serde_json::to_string(&account)
}Structs§
- Account
- Address
Credential - An AddressCredential provides information for autofilling address forms.
- Android
AppCertificate Fingerprint - Android
AppId Credential - An AndroidAppIdCredential contains the information required to verify and identify an Android application for automatically filling other credentials associated to the same Item as this one.
- ApiKey
Credential - A ApiKeyCredential contains information to interact with an Application’s Programming Interface (API).
- B32
- Newtype to encode and decode a vector of bytes to and from Base32.
- B64Url
- Base64URL encoded data
- Basic
Auth Credential - A BasicAuthCredential contains a username/password login credential. Can either represent a Basic access authentication or a form on a web page.
- Collection
- Credential
Scope - This is an object that describes an appropriate context in which the Item’s crate::Item::credentials can to be used.
- Credit
Card Credential - Custom
Fields Credential - Drivers
License Credential - A DriversLicenseCredential contains information about a person’s driver’s license. The fields reflect the relevant set of mandatory data fields defined by ISO 18013-1.
- Editable
Field - Editable
Field Boolean - Editable
Field Concealed String - Editable
Field Country Code - Editable
Field Date - Editable
Field String - Editable
Field Subdivision Code - Editable
Field Year Month - Fido2
Extensions - Fido2
Hmac Credentials - Fido2
Large Blob - File
Credential - A FileCredential acts as a placeholder to an arbitrary binary file holding its associated metadata. When an importing provider encounters a file credential, they MAY request the file afterwards if they have a direct exchange. If the exchange will produce an export response file, then the associated encrypted file MUST be stored in the documents folder of the zip archive.
- Generated
Password Credential - A GeneratedPasswordCredential type represents a credential consisting of a machine-generated password.
- Header
- Identity
Document Credential - An IdentityDocumentCredential is for any document, card, or number identifying a person or entity. Examples include national ID cards, Social Security Numbers (SSN), Tax Identification Numbers (TIN), health insurance cards, or Value-Added Tax (VAT) numbers.
- Item
- Item
Reference Credential - An ItemReferenceCredential is a pointer to another Item, denoting that the two items MAY be logically linked together.
- Linked
Item - NotB64
UrlEncoded - An error returned when a string is not base64 decodable.
- NotBase32
Encoded - The string was not base32 encoded
- Note
Credential - Passkey
Credential - Passkey
- Passport
Credential - A PassportCredential contains the details of a person’s passport. The fields reflect the relevant set of data elements defined by ICAO Doc 9303 Part 4.
- Person
Name Credential - A PersonNameCredential represents a person’s name as fields derived from Unicode Locale Data Markup Language Part 8: Person Names.
- SshKey
Credential - An SshKeyCredential represents an SSH (Secure Shell) key pair.
- Totp
Credential - Note: Enrollment in TOTP credentials historically has been quite non-standardized but typically authenticator and RP implementations have more or less aligned with the early Google Authenticator implementation spelled out at https://github.com/google/google-authenticator/wiki/Key-Uri-Format. This specification was designed with that in mind.
- Version
- Wifi
Credential - Wi-Fi Passphrase
Enums§
- Android
AppHash Algorithm - Credential
- Editable
Field Wifi Network Security Type - Extension
- An Extension is a generic object that can be used to extend the Item or Account with additional information.
- Fido2
Hmac Credential Algorithm - Field
Type - OTPHash
Algorithm